直接贴代码：
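def do_body(line):
    """Append boofuzz primitives for one urlencoded body line to the global ``script``.

    Every ``name=value`` field becomes ``s_static("name=")`` followed by
    ``s_string("value", max_len=1024)``, and fields are joined with
    ``s_static("&")``. Only the first ``=`` separates name from value, so a
    value that itself contains ``=`` is kept whole; a field with no ``=`` at
    all is emitted as a single ``s_string`` of the whole field instead of
    raising. A trailing CR/LF on the line is dropped so it cannot land inside
    a generated string literal, and backslashes / double quotes are escaped so
    the emitted source stays valid Python.

    Args:
        line: one ``application/x-www-form-urlencoded`` body line,
            e.g. ``"a=1&b=2"``.

    Side effects:
        Appends to the module-level ``script`` string; returns nothing.
    """
    global script

    def esc(text):
        # Escape for a double-quoted literal: backslash first, then the quote.
        return text.replace('\\', '\\\\').replace('"', '\\"')

    fields = line.rstrip('\r\n').split('&')
    parts = []
    for i, field in enumerate(fields):
        name, sep, value = field.partition('=')
        if sep:
            parts.append('\t\ts_static("%s=")\r\n' % esc(name))
            parts.append('\t\ts_string("%s", max_len=1024)\r\n' % esc(value))
        else:
            # No '=' at all: fuzz the whole token rather than failing to unpack.
            parts.append('\t\ts_string("%s", max_len=1024)\r\n' % esc(field))
        if i != len(fields) - 1:
            parts.append('\t\ts_static("&")\r\n')
    script += ''.join(parts)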
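# Generate a boofuzz script from a captured HTTP POST request.
#
# Input (IN_PATH): the raw request as saved from a proxy/browser -- request
# line, headers, one blank line, then a single
# application/x-www-form-urlencoded body line. CRLF and LF line endings both
# work. Output (OUT_PATH): a runnable boofuzz script in which every
# request-line/header token is a static primitive and every body value is a
# fuzzable s_string(); the raw capture is appended as a docstring for
# reference.
#
# Usage: python <this script> [post.txt] [FuzzScript.py]
#
# NOTE(review): whatever is in the capture is copied verbatim into the
# generated script -- including session cookies and tokens -- so treat the
# output as sensitive and redact/rotate those values before sharing it.
# NOTE(review): Content-Length is copied as a static token while the body is
# fuzzed to other lengths; boofuzz's s_size() over the "Body-Content" block
# would keep the two consistent.
import io
import sys

IP = 'ihome.360.cn'
PORT = 80
# Positional arguments override the original hard-coded locations.
IN_PATH = sys.argv[1] if len(sys.argv) > 1 else 'C:/Users/wei/Desktop/fuzz/post.txt'
OUT_PATH = sys.argv[2] if len(sys.argv) > 2 else 'C:/Users/wei/Desktop/fuzz/FuzzScript.py'


def _py_quote(text):
    """Escape *text* so it is safe inside a double-quoted Python literal."""
    return text.replace('\\', '\\\\').replace('"', '\\"')


def _header_lines(line):
    """Return the generated source for one request-line or header line.

    The line is split on single spaces; each token becomes s_static() and
    consecutive tokens are separated by s_delim(" "). The line terminator is
    stripped and re-emitted as one explicit s_static("\\r\\n"), so LF-only
    input still yields a CRLF-terminated header line.
    """
    out = []
    for i, tok in enumerate(line.rstrip('\r\n').split(' ')):
        if i != 0:
            out.append('\t\ts_delim(" ")\r\n')
        out.append('\t\ts_static("%s")\r\n' % _py_quote(tok))
    out.append('\t\ts_static("\\r\\n")\r\n')
    return ''.join(out)


# `script` is a module-level str on purpose: do_body() appends to it via `global`.
script = 'from boofuzz import *\r\n'
script += 'def main():\r\n'
script += '\tsession = Session(target=Target(connection=TCPSocketConnection("%s", %d)),)\r\n' % (IP, PORT)
script += '\ts_initialize(name="Post")\r\n'
script += '\twith s_block("Post-Line"):\r\n'

# latin-1 maps every byte to one code point, so the capture round-trips
# unchanged; newline='' keeps CR LF intact so the blank-line boundary and
# the header terminators are seen exactly as captured.
with io.open(IN_PATH, 'r', encoding='latin-1', newline='') as req:
    for line in iter(req.readline, ''):
        if line.rstrip('\r\n') == '':
            # First empty line ends the headers; the next line is the body.
            script += '\ts_static("\\r\\n", "Request-CRLF")\r\n'
            script += '\twith s_block("Body-Content"):\r\n'
            do_body(req.readline().rstrip('\r\n'))
            break  # anything after the body line is ignored
        script += _header_lines(line)
    req.seek(0)
    all_file = req.read()

script += '\tsession.connect(s_get("Post"))\r\n'
script += '\tsession.fuzz()\r\n'
script += 'if __name__ == "__main__":\r\n'
script += '\tmain()\r\n'
# Keep the raw capture at the end of the generated file as a docstring so the
# fuzz script documents the template it was built from.
script += '\r\n\'\'\'\r\n' + all_file + '\r\n\'\'\''
script += '\r\n'

# Written as bytes (latin-1 reverses the decode above) so the CRLF line
# endings reach the file untouched on every platform and Python version;
# the output is only opened once the input has been read successfully.
with io.open(OUT_PATH, 'wb') as out:
    out.write(script.encode('latin-1'))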
post.txt 是这样子的：
POST /app/universal_app/led_ctrl_set.cgi HTTP/1.1
Host: ihome.360.cn
Content-Length: 122
Accept: */*
Origin: http://ihome.360.cn
X-Requested-With: XMLHttpRequest
token_id: 473a100f2461ce8d66c7669b1ef753fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 QIHU 360SE
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://ihome.360.cn/app/led_ctrl/webs/index.html?t=1597391805452
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: __huid=11lM5QC7M8%2BV1m3gpUbZxqvmp7coC1eB9CCPwMYIxdv38%3D; __guid=132730903.1862459395348000300.1571113487520.2976; v=o14)R.-Hwi:T1ZCsB878; Qs_lvt_317691=1571458567%2C1571458709; Qs_pv_317691=2053859005725308000%2C2143554520725135600; bad_id73963b90-5cf1-11e9-9a78-b1dd2463a67d=71c7cc71-f729-11e9-bad4-935ebcb55de6; __DC_gid=65863720.124356338.1571407940111.1576040598488.23; Qs_lvt_327145=1576040593%2C1576040598; Qs_pv_327145=3877702283560961000%2C2235936494817687300%2C1812823523483131100%2C1983296644454798300; Qs_lvt_299978=1577692531; Qs_pv_299978=3121754979306215400; _ga=GA1.2.1911454275.1577692533; __gid=65863720.124356338.1571407940111.1584088558934.86; Qihoo_360_login=3aba4d3d59d988db817a2e4674375f9a; monitor_count=1
Connection: close
start_hour=23&start_minute=00&end_hour=07&end_minute=00&timer_day=1%202%203%204%205%206%207&timer_enable=1&action=add&idx=
生成出来的 FuzzScript.py 是这样子的：
from boofuzz import *
def main():
    """Fuzz the captured POST against ihome.360.cn:80 with boofuzz.

    Emitted by the generator script above: the request line and every header
    token are static primitives joined by s_delim(" ") and are never mutated;
    each body value is an s_string() that boofuzz mutates (up to 1024 bytes).
    """
    session = Session(target=Target(connection=TCPSocketConnection("ihome.360.cn", 80)),)
    s_initialize(name="Post")
    # Request line + headers: static tokens, single-space delimiters, explicit CRLF.
    with s_block("Post-Line"):
        s_static("POST")
        s_delim(" ")
        s_static("/app/universal_app/led_ctrl_set.cgi")
        s_delim(" ")
        s_static("HTTP/1.1")
        s_static("\r\n")
        s_static("Host:")
        s_delim(" ")
        s_static("ihome.360.cn")
        s_static("\r\n")
        # NOTE(review): "122" is the length of the original body only (the
        # captured body line is exactly 122 bytes); fuzzed bodies will not
        # match it. boofuzz's s_size() over the "Body-Content" block would
        # keep this header consistent with what is actually sent.
        s_static("Content-Length:")
        s_delim(" ")
        s_static("122")
        s_static("\r\n")
        s_static("Accept:")
        s_delim(" ")
        s_static("*/*")
        s_static("\r\n")
        s_static("Origin:")
        s_delim(" ")
        s_static("http://ihome.360.cn")
        s_static("\r\n")
        s_static("X-Requested-With:")
        s_delim(" ")
        s_static("XMLHttpRequest")
        s_static("\r\n")
        # NOTE(review): token_id and the Cookie values further down are the
        # captured session credentials copied verbatim from post.txt; rotate
        # them and redact this file before sharing it.
        s_static("token_id:")
        s_delim(" ")
        s_static("473a100f2461ce8d66c7669b1ef753fe")
        s_static("\r\n")
        # The generator splits on single spaces, so a multi-word header value
        # such as User-Agent becomes one s_static per word.
        s_static("User-Agent:")
        s_delim(" ")
        s_static("Mozilla/5.0")
        s_delim(" ")
        s_static("(Windows")
        s_delim(" ")
        s_static("NT")
        s_delim(" ")
        s_static("10.0;")
        s_delim(" ")
        s_static("WOW64)")
        s_delim(" ")
        s_static("AppleWebKit/537.36")
        s_delim(" ")
        s_static("(KHTML,")
        s_delim(" ")
        s_static("like")
        s_delim(" ")
        s_static("Gecko)")
        s_delim(" ")
        s_static("Chrome/78.0.3904.108")
        s_delim(" ")
        s_static("Safari/537.36")
        s_delim(" ")
        s_static("QIHU")
        s_delim(" ")
        s_static("360SE")
        s_static("\r\n")
        s_static("Content-Type:")
        s_delim(" ")
        s_static("application/x-www-form-urlencoded;")
        s_delim(" ")
        s_static("charset=UTF-8")
        s_static("\r\n")
        s_static("Referer:")
        s_delim(" ")
        s_static("http://ihome.360.cn/app/led_ctrl/webs/index.html?t=1597391805452")
        s_static("\r\n")
        s_static("Accept-Encoding:")
        s_delim(" ")
        s_static("gzip,")
        s_delim(" ")
        s_static("deflate")
        s_static("\r\n")
        s_static("Accept-Language:")
        s_delim(" ")
        s_static("zh-CN,zh;q=0.9")
        s_static("\r\n")
        s_static("Cookie:")
        s_delim(" ")
        s_static("__huid=11lM5QC7M8%2BV1m3gpUbZxqvmp7coC1eB9CCPwMYIxdv38%3D;")
        s_delim(" ")
        s_static("__guid=132730903.1862459395348000300.1571113487520.2976;")
        s_delim(" ")
        s_static("v=o14)R.-Hwi:T1ZCsB878;")
        s_delim(" ")
        s_static("Qs_lvt_317691=1571458567%2C1571458709;")
        s_delim(" ")
        s_static("Qs_pv_317691=2053859005725308000%2C2143554520725135600;")
        s_delim(" ")
        s_static("bad_id73963b90-5cf1-11e9-9a78-b1dd2463a67d=71c7cc71-f729-11e9-bad4-935ebcb55de6;")
        s_delim(" ")
        s_static("__DC_gid=65863720.124356338.1571407940111.1576040598488.23;")
        s_delim(" ")
        s_static("Qs_lvt_327145=1576040593%2C1576040598;")
        s_delim(" ")
        s_static("Qs_pv_327145=3877702283560961000%2C2235936494817687300%2C1812823523483131100%2C1983296644454798300;")
        s_delim(" ")
        s_static("Qs_lvt_299978=1577692531;")
        s_delim(" ")
        s_static("Qs_pv_299978=3121754979306215400;")
        s_delim(" ")
        s_static("_ga=GA1.2.1911454275.1577692533;")
        s_delim(" ")
        s_static("__gid=65863720.124356338.1571407940111.1584088558934.86;")
        s_delim(" ")
        s_static("Qihoo_360_login=3aba4d3d59d988db817a2e4674375f9a;")
        s_delim(" ")
        s_static("monitor_count=1")
        s_static("\r\n")
        s_static("Connection:")
        s_delim(" ")
        s_static("close")
        s_static("\r\n")
    # Empty line that separates the headers from the body.
    s_static("\r\n", "Request-CRLF")
    # Body: field names stay static, every value is fuzzable.
    with s_block("Body-Content"):
        s_static("start_hour=")
        s_string("23", max_len=1024)
        s_static("&")
        s_static("start_minute=")
        s_string("00", max_len=1024)
        s_static("&")
        s_static("end_hour=")
        s_string("07", max_len=1024)
        s_static("&")
        s_static("end_minute=")
        s_string("00", max_len=1024)
        s_static("&")
        s_static("timer_day=")
        s_string("1%202%203%204%205%206%207", max_len=1024)
        s_static("&")
        s_static("timer_enable=")
        s_string("1", max_len=1024)
        s_static("&")
        s_static("action=")
        s_string("add", max_len=1024)
        s_static("&")
        s_static("idx=")
        s_string("", max_len=1024)
    session.connect(s_get("Post"))
    session.fuzz()
# Entry point: start the fuzz session only when executed directly, not on import.
if __name__ == "__main__":
    main()
# Raw capture the script above was generated from, kept as a bare string
# literal so it documents the template without affecting main().
# NOTE(review): it embeds the captured token_id and Cookie values verbatim.
'''
POST /app/universal_app/led_ctrl_set.cgi HTTP/1.1
Host: ihome.360.cn
Content-Length: 122
Accept: */*
Origin: http://ihome.360.cn
X-Requested-With: XMLHttpRequest
token_id: 473a100f2461ce8d66c7669b1ef753fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 QIHU 360SE
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://ihome.360.cn/app/led_ctrl/webs/index.html?t=1597391805452
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: __huid=11lM5QC7M8%2BV1m3gpUbZxqvmp7coC1eB9CCPwMYIxdv38%3D; __guid=132730903.1862459395348000300.1571113487520.2976; v=o14)R.-Hwi:T1ZCsB878; Qs_lvt_317691=1571458567%2C1571458709; Qs_pv_317691=2053859005725308000%2C2143554520725135600; bad_id73963b90-5cf1-11e9-9a78-b1dd2463a67d=71c7cc71-f729-11e9-bad4-935ebcb55de6; __DC_gid=65863720.124356338.1571407940111.1576040598488.23; Qs_lvt_327145=1576040593%2C1576040598; Qs_pv_327145=3877702283560961000%2C2235936494817687300%2C1812823523483131100%2C1983296644454798300; Qs_lvt_299978=1577692531; Qs_pv_299978=3121754979306215400; _ga=GA1.2.1911454275.1577692533; __gid=65863720.124356338.1571407940111.1584088558934.86; Qihoo_360_login=3aba4d3d59d988db817a2e4674375f9a; monitor_count=1
Connection: close
start_hour=23&start_minute=00&end_hour=07&end_minute=00&timer_day=1%202%203%204%205%206%207&timer_enable=1&action=add&idx=
'''
对 sulley 的那些语法一窍不通，照着模板写了一个，貌似 fuzz 的时候能连接成功！
脚本像坨shi，生成的脚本也像坨shi。
主要起个抛砖引玉的效果，大佬们别骂了。